wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-27 07:52:23 +01:00
Code Issues Packages Projects Releases Wiki Activity
6,333 Commits 12 Branches 184 Tags
ccda176bfa277e0bfb700bf4e402225abbb176a6
Commit Graph

2308 Commits

Author SHA1 Message Date
toddouska
ccda176bfa Merge pull request #1183 from SparkiDev/tls13_nu 
Disallow upgrading to TLS v1.3
 2017-10-18 08:53:00 -07:00
toddouska
9920bdf097 Merge pull request #1103 from SparkiDev/sp_rsa 
Single Precision maths for RSA, DH and ECC
 2017-10-18 08:44:47 -07:00
David Garske
3d7e86f08d Added missing API's for disabling OCSP stapling. Added OCSP stapling enable/disable for WOLFSSL. 2017-10-17 13:52:05 -07:00
Sean Parkinson
9e4e58fe8c Disallow upgrading to TLS v1.3 
Change SupportedVersions extension to only include TLS v1.3 if downgrade
is disabled.
Fix parsing of SupportedVersions extension
Don't upgrade
Only downgrade in SupportedVersions extension if option enabled
 2017-10-17 08:52:12 +10:00
Sean Parkinson
90f8f67982 Single Precision maths for RSA (and DH) 
Single Precision ECC implementation
 2017-10-17 08:36:39 +10:00
toddouska
819acd18a7 Merge pull request #1180 from SparkiDev/tls13_nd 
Fixed DRAFT_18 define and fixed downgrading with TLS v1.3
 2017-10-13 09:24:55 -07:00
toddouska
b79b816276 Merge pull request #1168 from dgarske/ctx_get_cm 
Add method to get WOLFSSL_CTX certificate manager
 2017-10-13 09:13:54 -07:00
toddouska
6fd53d31c2 Merge pull request #1157 from dgarske/old-names 
Refactor SSL_ and hashing types to use wolf specific prefix
 2017-10-13 09:09:44 -07:00
toddouska
04106a0089 Merge pull request #1174 from dgarske/ocsp_cb_ctx 
Improvement to `wolfSSL_SetOCSP_Cb` to allow context per WOLFSSL object
 2017-10-12 10:02:49 -07:00
David Garske
6021c37ec7 Refactor WOLF_SSL_ to WOLFSSL_ (much better). 2017-10-11 09:10:43 -07:00
David Garske
6707be2b0e Added new --disable-oldnames option to allow for using openssl along-side wolfssl headers (without OPENSSL_EXTRA). Add --enable-opensslcoexist which makes sure oldnames is disabled. Refactor of SSL_ to WOLF_SSL_. Refactor of SHA, MD5, SHA224, SHA256, SHA512 and SHA384 to WC_ naming. 2017-10-11 09:10:42 -07:00
Sean Parkinson
7dca25ea88 Fixed DRAFT_18 define and fixed downgrading with TLS v1.3 
Changed the define in configure.ac to match the one used in the code.
Fixed downgrading to disallow unless ssl->options.downgrade is set.
TLS 1.3 client method does not have downgrade on anymore.
Test changed to not expect downgrading to work.
Test of TLS v1.3 client downgrade is actually upgrading on server.
Fixed 80 character line problems.
 2017-10-11 12:17:28 +10:00
David Garske
4c8d228080 Added WOLFSSL_ALT_CERT_CHAINS option to enable checking cert aginst multiple CA's. Added new API's for wolfSSL_get_peer_alt_chain and wolfSSL_is_peer_alt_cert_chain, which allow a way to know if alternate cert chain is used and provides a way to get it (when SESSION_CERTS is defined). Cleanup of the defines to enable debugging certs (just use SHOW_CERTS now). 2017-10-10 08:55:35 -07:00
David Garske
280de41515 Improvement to wolfSSL_SetOCSP_Cb to set the context per WOLFSSL object (callback functions are same). Adding API unit tests next. 2017-10-06 12:18:21 -07:00
David Garske
19ea4716f3 Add unit tests for wolfSSL_CTX_GetCertManager, wolfSSL_CTX_UnloadCAs, wolfSSL_CertManagerUnloadCAs and wolfSSL_CTX_get_cert_cache_memsize. Fixed comment typo PERSISTE_CERT_CACHE. 2017-10-03 10:00:20 -07:00
David Garske
dcf61bd10e Added new API wolfSSL_CTX_GetCertManager for getting the WOLFSSL_CTX certificate manager. 2017-10-03 08:46:15 -07:00
Jacob Barthelmeh
9bf14a152f change return value for wolfSSL_ASN1_TIME_print 2017-09-29 10:28:10 -06:00
Jacob Barthelmeh
8cd0b7dfc7 fix for wolfSSL_ASN1_TIME_print function 2017-09-28 15:30:46 -06:00
JacobBarthelmeh
09e92c518d Merge pull request #1163 from cconlon/mysql_sha 
Add returns to OpenSSL compatibility SHA functions
 2017-09-28 13:12:14 -06:00
Chris Conlon
34ef7207f9 check hash function returns in wolfSSL_EVP_DigestInit 2017-09-28 11:19:51 -06:00
Chris Conlon
eff781c0aa add int return to OpenSSL compatibility MD5 functions 2017-09-28 11:12:18 -06:00
Chris Conlon
ef141c3ce9 add int return to OpenSSL compatibility SHA functions 2017-09-27 14:28:19 -06:00
Chris Conlon
6c85bc5d3d enable functionality of wolfSSL_ERR_peek_error() when WOLFSSL_MYSQL_COMPATIBLE defined 2017-09-27 10:56:04 -06:00
dgarske
fadee8fbf2 Merge pull request #1161 from cconlon/mysql_compat 
Enable ASN1_TIME_print when WOLFSSL_MYSQL_COMPATIBLE is defined
 2017-09-26 15:44:50 -07:00
Chris Conlon
b4f7997fdc enable ASN1_TIME_print when WOLFSSL_MYSQL_COMPATIBLE is defined 2017-09-26 15:02:13 -06:00
Koichi Tsujino
e8f95b9252 add EVP_get_cipherbynid 2017-09-26 08:58:36 +09:00
Chris Conlon
46f7e786cb exclude wolfSSL_SSL_get0_session when NO_SESSION_CACHE is defined 2017-09-25 14:07:17 -06:00
dgarske
2c4844d5ef Merge pull request #1146 from ejohnstown/compat 
OpenSSL Compatibility Additions and Fixes
 2017-09-22 14:19:28 -07:00
Jacob Barthelmeh
80333979a9 fix for wolfSSL_X509_NAME_get_text_by_NID 2017-09-20 17:31:53 -06:00
Jacob Barthelmeh
3763b88397 rename the file io.h to wolfio.h 2017-09-20 10:53:11 -06:00
John Safranek
2620cb4559 OpenSSL Compatibility Additions and Fixes 
1. Added a check on the hex2bn function for null strings to be treated like the NULL pointer.
2. Added some more test cases to the big number unit test.
3. Added wolfSSL_EVP_add_cipher() analogous to wolfSSL_EVP_add_digest().
4. Implemented `RSA_public_encrypt()` and `RSA_private_decrypt()` for the OpenSSL compatibility layer.
5. Added `RSA_PKCS1_OAEP_PADDING` as an option to the new functions.
6. Fixed the constness on the `from` parameter in function `RSA_public_decrypt()`. Note: this does not allow OAEP to be used in FIPS mode.
7. Added size constants for EVP_MAX_BLOCK_LENGTH, RSA_PKCS1_PADDING_SIZE, and RSA_PKCS1_OAEP_PADDING_SIZE.
8. Added functions `wolfSSL_EVP_PKEY_new_mac_key()` and `wolfSSL_EVP_PKEY_get0_hmac()` for storing HMAC keys in an EVP_PKEY structure for use later.
9. Added the routines EVP_DigestSignXXX(). They only work w.r.t HMAC.
10. Added the ForceZero() to EVP_MD_CTX_cleanup().
11. Modified the EVP_MD_CTX structure to have a union with both the hasher and a wolfCrypt Hmac structure.
12. Added a mapping of SHA1->SHA to the list of digest name aliases in wolfSSL_EVP_get_digestbyname().
13. Changed the mapping of ssl3-sha1->SHA.
14. When using RSA blinding, the OpenSSL compatibility layer RSA object was attempting to decrypt without an RNG. Added an RNG if needed.
15. Add comment to wolfSSL_BN_hex2bn() to cover usage w.r.t. string length. Remember to keep the length even, front-pad with zeroes if needed.
16. Added tests for the new functions.
 2017-09-18 13:53:44 -07:00
toddouska
23fff62d8b Merge pull request #1135 from dgarske/cy 
Fix issue with empty array (requires C99 compliance).
 2017-09-13 14:39:50 -07:00
toddouska
bea82ce214 Merge pull request #1118 from JacobBarthelmeh/mysql 
downgrade with options set when using opensslextra feature
 2017-09-13 14:12:09 -07:00
David Garske
932773735b Cleanup the wolfIO_Send function. 2017-09-11 05:48:41 -07:00
Jacob Barthelmeh
f7ea118dd7 downgrade with options set when using opensslextra feature 2017-09-01 13:47:56 -06:00
Jacob Barthelmeh
8807b8af4f additional sanity checks 2017-08-31 16:00:08 -06:00
dgarske
7ac0bab37e Merge pull request #1114 from kojo1/tls1.3 
bring up settings.h in tls13.c
 2017-08-30 13:00:40 -07:00
toddouska
9aef8a91fd Merge pull request #1120 from JacobBarthelmeh/Testing 
fix creating shared secret with ECC private only key
 2017-08-30 11:02:14 -07:00
Jacob Barthelmeh
3dbe5d2af9 fixes for Windows build 2017-08-29 12:02:24 -06:00
Jacob Barthelmeh
a8417c1078 using memory bio with no filesystem and adjustment for Windows line ending 2017-08-25 15:11:10 -06:00
Jacob Barthelmeh
7918b31cae cast to fix warning on Windows with Visual Studio 2017-08-24 15:22:32 -06:00
Jacob Barthelmeh
4b630b67fa fix advancing memory WOLFSSL_BIO when reading 2017-08-23 11:37:19 -06:00
Takashi Kojo
7892714516 bring up settings.h before #ifdef WOLFSSL_TLS13 2017-08-22 20:13:17 +09:00
David Garske
2b7f4b0903 Adds async blocking support for sniffer tool. 2017-08-21 11:07:13 -07:00
toddouska
c330c6b7f9 Merge pull request #1109 from JacobBarthelmeh/Testing 
fix check on ephemeral key type before free'ing
 2017-08-18 11:53:08 -07:00
toddouska
8a37af42bf Merge pull request #1108 from dgarske/fix_async_misc 
Fixes for async ECC encrypt, ParseCertRelative and API Unit test inits
 2017-08-18 11:44:28 -07:00
Jacob Barthelmeh
c6e722170e fix check on ephemeral key type before free'ing 2017-08-18 10:55:38 -06:00
Jacob Barthelmeh
f6ad5524eb remove invalid test-qsh version tests, revert if statement check in internal.c 2017-08-17 11:27:47 -06:00
Jacob Barthelmeh
3fda99cbc4 seperate build of QSH from build of NTRU 2017-08-16 14:19:38 -06:00
David Garske
f7ca2f157d Improvement on the ParseCertRelative fixes for intializing the event prior to operation. Fix possible uninitialized value with DecryptKey and DES3. 2017-08-16 13:19:31 -07:00